Integration and Operation of a Managed Security Platform for a Foreign Investment Fund
Headquartered in New York, USA, the Group is one of the largest asset management firms globally, dedicated to assisting a greater number of investors in achieving wealth and prosperity.
With the continuous expansion of domestic operations, the integration of SIEM with various security devices has become standard practice.
As the workforce grows and the network security landscape becomes increasingly complex, establishing a security operations team based on the Splunk SIEM platform, alongside the MSS team, has become essential.
Design and implement a Splunk cross-site disaster recovery architecture for the OA and DR environments of various fund management, financial services, and investment management branches, creating a high-level data analysis platform with robust availability and disaster recovery capabilities.
Manage diverse security data sources, perform data analysis, and ensure normalization.
Develop detection rules in accordance with regulatory requirements set forth by the CSRC and the ISO 27001 consulting framework.
Based on user security risk tolerance, security policies, and the ES framework for incident investigation, traceability, and resolution, research and design a security incident response process, categorizing it into relevant Battlecards.
Integrate multiple threat intelligence repositories to facilitate heterogeneous intelligence integration with user security detection use cases, thereby achieving event noise reduction and minimizing false positive rates.
Establish a unified local security incident analysis and management platform to comply with industry regulatory requirements.
Conduct risk planning and design, and deliver security incident response Battlecards, assisting users in developing a security response process tailored to their organizational characteristics. This will set standards for subsequent internal security operations teams and managed MSS services.